Public-Private Partnerships for Cybersecurity Information Sharing

So in the cyber domain we often talk about the need for a “Public-Private-Partnership” or a PPP to share information about cyber threats and vulnerabilities. These PPPs are sometimes criticized as ineffective and convoluted in nature.

Well, now we have graphic proof of that proposition. The chart below was created by Rachel Nyswander Thomas, a graduate student at Georgetown University, as part of her thesis “Securing Cyberspace Through Public Private Partnership: A Comparative Analysis of Partnership Models” and is republished here with her kind permission.

What the graphic shows is the radical proliferation of sharing structures across the cyber domain. Even though I study this area, there are a few on the chart that are unfamiliar to me. As Thomas rightly notes, we need a new model. While the McCain bill would leave this structure unchanged (I guess on the theory that you can only make it worse) the Lieberman-Collins bill would have added at least one more exchange. If it replaced all these others it might be an improvement – if it just added to them … perhaps not.

Paul Rosenzweig is the founder of Red Branch Consulting PLLC, a homeland security consulting company and a Senior Advisor to The Chertoff Group. Mr. Rosenzweig formerly served as Deputy Assistant Secretary for Policy in the Department of Homeland Security.He is a Professorial Lecturer in Law at George Washington University and an Adjunct Lecturer at Northwestern University.